Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF118D3058EB11F091212AAFDAE4EC9C.roa
File: FF118D3058EB11F091212AAFDAE4EC9C.roa (raw, json)
Hash identifier: /bxZOY8uOLNaEJF9vIxJhZjqFmcQjejY3+bZZS6j4So=
Subject key identifier: 19:62:27:08:5E:C3:68:9D:BF:A7:5D:7F:CF:BF:2B:AA:9B:42:D3:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF118D3058EB11F091212AAFDAE4EC9C.roa
Signing time: Fri 04 Jul 2025 15:31:47 +0000
ROA not before: Fri 04 Jul 2025 15:31:42 +0000
ROA not after: Sun 24 Aug 2025 15:31:42 +0000
asID: 61414
IP address blocks: 154.217.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100980 (0x18a74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 15:31:42 2025 GMT
Not After : Aug 24 15:31:42 2025 GMT
Subject: CN=6867f3e3-f25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:70:49:3f:98:32:ca:4b:f8:8f:19:7e:de:a1:
a1:a8:1d:4b:1a:43:c5:5d:6a:15:d1:e0:4f:29:05:
b2:ef:ce:da:f9:6d:a6:f2:27:8e:5f:11:66:5d:39:
d0:fb:75:6c:e0:48:68:8c:72:19:3f:a2:f1:a7:fb:
30:b0:75:27:0a:d9:c1:12:a9:81:2f:8b:5e:81:72:
31:ab:21:05:95:64:4a:41:c8:87:f9:75:05:87:f2:
0d:da:ea:e7:3d:e2:f7:3e:e2:c5:02:df:46:08:4a:
2e:e5:90:0a:1e:11:bd:0c:1a:fa:1a:68:b6:b1:db:
3d:05:6d:13:0d:3d:f4:9f:3b:ef:9e:0d:4c:4e:5c:
c8:2c:3b:f2:33:38:b3:7b:a0:f5:93:50:7e:61:19:
bb:34:9f:70:d4:13:76:60:73:f5:55:bc:1d:ec:51:
6b:17:4f:a0:3c:bf:95:27:12:1c:c5:9c:46:01:21:
75:8b:ee:e4:8b:a8:c8:0c:7e:5c:ed:b3:84:b8:14:
07:f6:06:58:f8:91:c6:a5:14:44:0e:c6:76:c0:73:
cd:e9:77:b2:19:e0:2c:ac:b6:05:c3:0a:f6:8c:40:
3c:98:a6:95:7a:b8:de:b9:a0:ba:c4:b6:d6:0d:d5:
06:9f:37:ca:92:1f:62:d5:5f:52:1f:72:b1:63:3c:
4f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:62:27:08:5E:C3:68:9D:BF:A7:5D:7F:CF:BF:2B:AA:9B:42:D3:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF118D3058EB11F091212AAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.248.0/21
Signature Algorithm: sha256WithRSAEncryption
80:f7:9f:d5:89:73:f3:57:34:ca:23:66:af:f5:47:b2:ae:52:
85:fc:9c:2a:15:4a:36:26:d6:1e:5d:75:c6:4b:ae:f7:cf:bd:
b3:29:77:bd:4d:65:e8:87:de:1f:79:5c:dc:c6:6e:a2:eb:4c:
be:e4:64:65:00:6c:3b:8f:82:95:b4:e1:7c:c8:c2:da:4e:8c:
f2:12:2e:7e:ad:89:50:4e:ad:88:96:bd:02:42:dd:c6:2d:e8:
90:07:27:c4:ef:d6:37:73:90:3c:6f:0c:f0:9c:8c:90:49:57:
67:99:7e:d3:f5:08:51:e5:a5:28:50:b6:2b:65:da:00:78:47:
04:a6:72:79:f0:1f:c5:c7:93:0a:a1:80:b9:32:bc:10:a6:d5:
16:de:6e:f1:bd:64:2a:93:40:cd:c5:3d:a7:20:70:e6:2b:de:
6d:b2:f7:0a:a6:e2:3a:83:9c:d6:5c:29:21:b0:87:63:21:bd:
c0:14:d7:a2:fc:0f:5d:cc:ea:0c:62:24:e0:36:75:79:cc:80:
a0:d7:7d:fd:f9:0f:e8:d5:7e:02:eb:3a:9f:45:b3:5d:28:d1:
73:27:67:ec:48:d4:97:ba:c3:82:fb:67:26:06:db:d3:b5:dc:
e2:29:3f:8d:0a:af:89:a6:ef:92:07:4c:ff:53:76:dd:44:20:
8d:b3:09:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYp0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTUzMTQyWhcNMjUwODI0MTUzMTQyWjAYMRYw
FAYDVQQDEw02ODY3ZjNlMy1mMjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs3BJP5gyykv4jxl+3qGhqB1LGkPFXWoV0eBPKQWy787a+W2m8ieOXxFm
XTnQ+3Vs4EhojHIZP6Lxp/swsHUnCtnBEqmBL4tegXIxqyEFlWRKQciH+XUFh/IN
2urnPeL3PuLFAt9GCEou5ZAKHhG9DBr6Gmi2sds9BW0TDT30nzvvng1MTlzILDvy
Mzize6D1k1B+YRm7NJ9w1BN2YHP1Vbwd7FFrF0+gPL+VJxIcxZxGASF1i+7ki6jI
DH5c7bOEuBQH9gZY+JHGpRREDsZ2wHPN6XeyGeAsrLYFwwr2jEA8mKaVerjeuaC6
xLbWDdUGnzfKkh9i1V9SH3KxYzxPhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBli
Jwhew2idv6ddf8+/K6qbQtOLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRjExOEQzMDU4RUIxMUYwOTEyMTJBQUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtn4MA0GCSqGSIb3DQEB
CwUAA4IBAQCA95/ViXPzVzTKI2av9UeyrlKF/JwqFUo2JtYeXXXGS673z72zKXe9
TWXoh94feVzcxm6i60y+5GRlAGw7j4KVtOF8yMLaTozyEi5+rYlQTq2Ilr0CQt3G
LeiQByfE79Y3c5A8bwzwnIyQSVdnmX7T9QhR5aUoULYrZdoAeEcEpnJ58B/Fx5MK
oYC5MrwQptUW3m7xvWQqk0DNxT2nIHDmK95tsvcKpuI6g5zWXCkhsIdjIb3AFNei
/A9dzOoMYiTgNnV5zICg1339+Q/o1X4C6zqfRbNdKNFzJ2fsSNSXusOC+2cmBtvT
tdziKT+NCq+Jpu+SB0z/U3bdRCCNswmA
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:09 2025 by rpki-client